Malicious code in dev-env-bootstrapper (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

MAL-2026-2326 Malicious code in raydium-bs58 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866a59b63d949dfe36c6082c9daa6fddcb18993724e9980c245a49ff59944fee The package raydium-bs58 was found to contain malicious code. Source: ghsa-malware b6ba968c5cb1e12fc81fc5ed1694c2221b6ac0299199508b80100927801f07f3 A...

MAL-2026-1831 Malicious code in rabbitmq-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5fd48bd646ad6b2f173f479170d732395513c048f0c0f6148205c0e1d08f864 The package rabbitmq-sdk was found to contain malicious code...

MAL-2026-1490 Malicious code in ember-power-calendar-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55191162c66f85fd90f4c2bb6354b569a7ab7cdc6a380289defcc8be784ed434 The package ember-power-calendar-utils was found to contain malicious code. Source: ghsa-malware...

x402 SDK Security Advisory

Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...

MAL-2026-880 Malicious code in console-style-pro0o0o0o (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fe7407a5523ef7efe6bec615d9601fe978b9e5de59d19d7e8e2ff054c5e09e9 The package console-style-pro0o0o0o was found to contain malicious code. Source: ghsa-malware...

MAL-2026-434 Malicious code in weaviate-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c229f83d7066881287b7035e8e71dc5ed74531480ab19cbf47ebd72990bc1525 The package weaviate-js was found to contain malicious code. Source: ghsa-malware bb063c82675f5933564b46d7e49a2c2a7aac395d9a399b1264e3de0aafb29905 An...

EUVD-2026-3067

Malicious code in lusha-integrations-widgets npm...

EUVD-2026-1108

Malicious code in matic-transfer-consumer npm...

EUVD-2025-204885

Malicious code in elf-stats-sprucey-giftbox-118 npm...

EUVD-2025-199807

Malicious code in bitcoin-lib-js npm...

EUVD-2025-199476

Malicious code in @oku-ui/popper npm...

EUVD-2025-199393

Malicious code in @voiceflow/runtime-client-js npm...

MAL-2025-190991 Malicious code in react-jam-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 369fe7c56e5f271a31e023cbe36323fc11043fc4747d0309c5c48aaa1eedf822 The package react-jam-icons was found to contain malicious code. Source: ghsa-malware 1c50426946a6dd92cf360d347aa3ed8f15988f3655c7721aff8dd0b8ff8e946...

Malicious code in @ensdomains/renewal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a66dd3b7f22e60f2047119e09a00f2034cd8c4d1844cad51f9a1c87515274c6 The package @ensdomains/renewal was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-179928

Malicious code in byte-assert-finally-hot-sanitize npm...

EUVD-2025-178115

Malicious code in levels-event-bionics-nodejs npm...

EUVD-2025-179110

Malicious code in envconfig-dotenv-safe-middleware-javascript npm...

EUVD-2025-175423

Malicious code in zenobia-nightwatch-rigel-javascript npm...

EUVD-2025-176627

Malicious code in rimraf-quantum-csv-javascript npm...